Skip to main content
BlueP
BlueP
Explorer
October 29, 2024
Solved

firmware upgrade

  • October 29, 2024
  • 2 replies
  • 9608 views

Our firewall (FortiGate-500E v7.0.14, build0601) is currently experiencing issues with upgrading to newer firmware versions. There are two options available: versions 7.2.7 and 7.2.8. However, the release notes for version 7.2.7 indicate a bug affecting IPsec tunnels, while version 7.2.8 has a known issue with routing and SD-WAN

 

How should I determine the most suitable version for the upgrade?

known issues: 7.2.7 -->> https://docs.fortinet.com/document/fortigate/7.2.7/fortios-release-notes/236526/known-issues

 

 

known issues: 7.2.8 --> https://docs.fortinet.com/document/fortigate/7.2.8/fortios-release-notes/236526/known-issues

 

 

 

 

Best answer by Toshi_Esumi

I think @Umer221 meant to show "FGT_500E-..."
But I strongly recommend you go up to 7.2.9 or 7.2.10 due to some vulnerabilities in those 7.2.7 and 7.2.8. See the release notes of 7.2.9, at the bottom of "Resolved Issues" section.

Toshi

2 replies

zoludwo2
zoludwo2
New Member
October 29, 2024

Agreed. IPMI/iDrac/iLo present with vulnerabilities like any software. For those concerned about firmware updates breaking servers, or otherwise causing undesirable behavior, I suggest you ensure you have a test machine in the lab https://100001.onl/  .

Umer221
Staff
Umer221
Staff
October 29, 2024

@BlueP 

 

When upgrading from version 7.0.14 to later versions, be sure not to skip version 7.0.15. Although the upgrade path tool may not indicate 7.0.15 as a required step, you should consult this article for further guidance: Technical Tip - Boot failure after upgrading to v7.0.15.

 

Therefore, please ensure you upgrade to 7.0.15 before proceeding to subsequent versions.

 

Additionally, it’s recommended to test upgrades in your lab environment first, as this issue may not occur on all devices. It can vary depending on the specific topology and device type in use.

 

 

Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
October 29, 2024

@Umer221If my interpretation of the KB is correct, the version you shouldn't skip is not 7.0.15 but it's 7.0.14. Am I reading it wrong?

  • The error message 'failed verification on /data/datafs.tar.gz' can occur when upgrading from any version lower than v7.0.14 once skipped the upgrade path and upgraded directly to v7.0.15 or above.
  • Before upgrading, the system must be on the base of v7.0.14.


Toshi

 

Umer221
Staff
Umer221
Staff
October 29, 2024

@Toshi_Esumi 

Thank you for catching this. Correct it is 7.0.14 version not suppose to be skipped, so it does not apply in this case.

Terms & ConditionsAccessibility statement